11-03-2017 11:52 AM - edited 03-05-2019 09:25 AM
Just looking for a confirmation check here - don't do this nearly enough.
I have an existing Internet setup w/ (2) routers, connected to (2) ISPs running BGP. The routers each announce the same /24 block to each ISP. The Internet routers have a static route for this /24 block pointing to the firewall, which in turn is configured to use NAT on the subnet. Very straightforward.
I have a requirement to configure Loopbacks on these Internet Edge routers and I would like to configure them out of the /24 that is statically routed to the firewall.
I've attached a diagram w/ some example IP blocks for reference.
Will there be a problem having the /24 statically routed to the firewall, while at the same time having a few IPs configured as loopbacks?
**Update - Loopbacks are not for BGP, they will be used to support a GRE tunnel.
11-03-2017 12:28 PM
This would work but it just looks messy and a bit pitchy patchy if that's even a valid thing to say.. because if you peer with loopbacks, if your connection with ISP1 goes down, BGP will try going over ISP2 and fail and then ISP1 will just send all your traffic via learned routes from ISP2 but remember the BGP neighbourships with ISP1 have failed which brings the question why? It can work however with a lot of /32 static routes and OSPFing but again one ISP fails all traffic will go over the other ISP anyway why bother sending the traffic to the other router... I could be wrong but.. that's my two cents
11-03-2017 12:30 PM
I should have included this in my original post - which I will edit/update - but the Loopbacks are not for BGP. They are to support a future GRE tunnel.
11-03-2017 12:34 PM
Ohhhh sorry man I was shooting from the hip there... come to think of it that shouldn't be a problem.... more specific always wins but again I could be wrong ;)
11-04-2017 09:00 AM
Hello
If you wish to use addressing from this subnet on the internet rtrs lan interfaces and loopbacks then you'll need to cid'r the loopbacks out of the subnet
res
Paul
11-04-2017 09:49 AM
Hi,
The Loopback isn’t addressed from the subnet that the router interfaces are addressed out of. Take a look at the diagram and you will see that the loopbacks would be addressed out of a subnet that is statically routed via the firewall.
That subnet isn’t terminated on the firewall, but rather used by the firewall for NATing.
11-04-2017 11:37 AM
Hello
Apologies, must have reviewed incorrectly - If it's only used for NAT then yes it should be okay - You'll just need to exclude it
res
Paul
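Added illustration, not part of any post in the thread: a small Python model of the two points raised above, longest-prefix match between the /24 static route and a /32 loopback, and carving the loopback addresses out of the range the firewall may NAT to. The addresses are constructed from the RFC 5737 documentation range, and the model assumes each router holds only the /24 static route and its own loopback.

```python
import ipaddress

# Constructed addressing from the RFC 5737 documentation range; the
# thread's diagram values are not on the page.
BLOCK = ipaddress.ip_network("203.0.113.0/24")
LOOPBACKS = {"rtr1": "203.0.113.253", "rtr2": "203.0.113.254"}

def build_rib(router):
    """RIB of one edge router: /24 static to the firewall plus its own /32."""
    own = ipaddress.ip_network(LOOPBACKS[router] + "/32")
    return [(BLOCK, "static via firewall"), (own, "connected Loopback0")]

def lookup(rib, dst):
    """Longest-prefix match; returns the winning route's label or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, label) for net, label in rib if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def nat_pool_without_loopbacks():
    """Carve every loopback /32 out of the block the firewall may NAT to."""
    pool = [BLOCK]
    for ip in LOOPBACKS.values():
        host = ipaddress.ip_network(ip + "/32")
        carved = []
        for net in pool:
            if host.subnet_of(net):
                carved.extend(net.address_exclude(host))
            else:
                carved.append(net)
        pool = carved
    return sorted(pool)

if __name__ == "__main__":
    rib = build_rib("rtr1")
    for dst in ("203.0.113.253", "203.0.113.254", "203.0.113.10"):
        print(dst, "->", lookup(rib, dst))
    print([str(n) for n in nat_pool_without_loopbacks()])
```

In this model rtr1 delivers its own loopback locally, but the other router's loopback still matches only the /24 and is forwarded to the firewall, so a packet for rtr2's loopback that arrives via rtr1 needs a more specific route to reach rtr2.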